Dedicated to the Hydrogen framework, headless commerce, and building custom storefronts using the Storefront API.
I'm trying to make a post request for a storefront access token, but I've been getting the error 'Required parameter missing or invalid'. I'm using axios to make the request, but I'm not sure what could be wrong or missing from the request.
const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';
axios(Url,{
method: 'post',
headers: {
'Accept':'application/json',
'Content-Type': 'application/json',
'X-Shopify-Access-Token': accessToken,
},
}).then(response => {
console.log(response)
}).catch(err => {
console.log(err.response);
});
The accessToken is a permanent one, app is a public sales channel, and I have an unauthenticated scope . I've tried without the "Accept' and "Content-Type" headers and received the same error. I haven't been able to find a concrete code example of this request, so I'm not sure what I'm missing with the documentation alone. If there is anything that I'm missing or anything you think could be wrong please let me know.
Solved! Go to the solution
This is an accepted solution.
I ended up solving the problem. I was missing the body portion that was mentioned in the documentation where the title would be added . Here's my code using axios in javascript for anyone that could use an example.
const Url = 'https://' + shop + '/admin/storefront_access_tokens.json';
axios(Url,{
method: 'post',
headers: {
'Accept':'application/json',
'Content-Type': 'application/json',
'X-Shopify-Access-Token': accessToken,
},
data: {
storefront_access_token: { title: 'Test2' }
},
}).then(response => {
console.log(response)
}).catch(err => {
console.log(err.response);
});
Where are you defining the accessToken variable?
It's defined after authentication
afterAuth(ctx) {
const { shop, accessToken } = ctx.session;
ctx.cookies.set('shopOrigin', shop, {
httpOnly: false,
secure: true,
sameSite: 'none'
});
ctx.cookies.set('accessToken', accessToken,{
httpOnly: false,
secure: true,
sameSite: 'none'
});
const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';
axios(Url,{
method: 'post',
headers: {
'Accept':'application/json',
'Content-Type': 'application/json',
'X-Shopify-Access-Token': accessToken,
},
}).then(response => {
console.log(response)
}).catch(err => {
console.log(err.response);
});
ctx.redirect('/');
}
Okay
This is where you're getting the shop and accessToken properties:
const { shop, accessToken } = ctx.session
You're accessing the properties via destructuring from the session context ctx.session variable.
Perhaps you can look at ctx.session or just ctx by doing a console.log(ctx) or console.log(ctx.session) in your code and look at the console output in the browser. You're looking for the properties shop & accessToken specifically and their values.
Let me know how that goes and we can go from there.
Mike
The values are the same from what I saw in the console.log of ctx.session, but I also saw a value of _expire: 1603756594267 which I assume it was for the access token that is generated. I understand in order to get a storefront-access-token the access token generated at authentication need to be permanent (or offline), but I'm not sure how to tell if it is permanent or not. Although if that was the problem I believe I would receive a response indicating that. I sent my compete authentication code just in case there anything blatantly wrong.
server.use(
createShopifyAuth({
apiKey: SHOPIFY_API_KEY,
secret: SHOPIFY_API_SECRET_KEY,
scopes: ['read_products','unauthenticated_read_product_listings'],
accessMode: 'offline',
afterAuth(ctx) {
const { shop, accessToken } = ctx.session;
ctx.cookies.set('shopOrigin', shop, {
httpOnly: false,
secure: true,
sameSite: 'none'
});
ctx.cookies.set('accessToken', accessToken,{
httpOnly: false,
secure: true,
sameSite: 'none'
});
const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';
axios(Url,{
method: 'post',
headers: {
'Accept':'application/json',
'Content-Type': 'application/json',
'X-Shopify-Access-Token': accessToken,
},
}).then(response => {
console.log(response)
}).catch(err => {
console.log(err.response);
});
ctx.redirect('/');
},
}),
)
This is an accepted solution.
I ended up solving the problem. I was missing the body portion that was mentioned in the documentation where the title would be added . Here's my code using axios in javascript for anyone that could use an example.
const Url = 'https://' + shop + '/admin/storefront_access_tokens.json';
axios(Url,{
method: 'post',
headers: {
'Accept':'application/json',
'Content-Type': 'application/json',
'X-Shopify-Access-Token': accessToken,
},
data: {
storefront_access_token: { title: 'Test2' }
},
}).then(response => {
console.log(response)
}).catch(err => {
console.log(err.response);
});
I've had the same exact issue as you: https://community.shopify.com/c/Shopify-APIs-SDKs/storefrontAccessTokenCreate-mutation-always-return...
Shopify Staff answered me, telling me I need to add all `unauthenticated_*` scopes to my Admin API scopes as well. I tried doing that and to no avail. I made sure to reinstall my app to get a fresh access token with these new scopes, but I still couldn't get rid of the unauthenticated error.